Your personal data and privacy are hugely important to Carl & Johan. This policy is not just a legal shield to make us compliant with regulations such as the General Data Protection Regulation (further: GDPR), or still, the General Data Protection Regulation. No, this text writes our data story. It tells which personal data we process and how we treat and protect it with care.
With this policy we want to inform you about our data policy. In this way, you can make a thoughtful and informed choice about whether to use our services. We therefore assume that when you use our services, you agree with the way we process data and our policy.
Oh, one more thing. We have done our best to keep this policy as concise and clear as possible. After all, we are convinced that obligations don't have to be boring.
 Regulation of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data
Who processes the data?
Company name: C&J Laboratories Belgium bvba
Company number: BE 0645.680.597
Address: Dorpstraat 61 | B - 9140 Elversele
Email address: [email protected]
Phone number: 0472 49 37 37
The GDPR also designates us as a data controller. This means, in short, that we decide what data will be collected, how and by what means it will be done, but also why we do it all.
2. Who helps us?
Processors, a telling GDPR term. Who helps us, under our responsibility, process your personal data? Rest assured, all our processors have personally or in a general way agreed to the GDPR, and thus, our policies. Here is a brief overview.
Lightspeed is under the hood of our website.
Company name: Lightspeed HQ
Address: Sint-Denijslaan 489
Email address: [email protected]
Phone number: +32 9 298 02 73
In addition to all these processors, we use some plugins that sometimes also process data. Rest assured, as with our processors, we only use plugins that explicitly comply with the GDPR. A list: Google Analytics & Facebook Pixel.
What data do we actually collect?
1. The 'categories of data'.
A heavy GDPR term for what 'types of data' we need. A small overview:
2. Why do we collect this data?
We don't do this for no reason. It's to help us provide you with the best possible experience on our website. But what should you expect from that?
We make sure that the experience on our website is as safe as possible. That's why we use the data to monitor our website to make sure everything is running smoothly. In this way, we also try to avoid fraud and other bad intentions.
We also like to keep you informed about our products and services. That's why we send you an email once in a while. Sometimes it's a promotion, sometimes it's just news. Some people know this as direct marketing, but don't worry! The mails always contain a link to remove yourself from our database.
WEBSHOP: Of course we have to get your product to you! Therefore we use the data collected at the checkout screen to track your order. Afterwards the invoice disappears in our accounting which we have to keep in order to comply with various legal obligations. We keep the data provided so that we can help you with possible problems about the shipment of the product, your purchase or just to make it easier to place another order!
Google Analytics collects data for us so that we can gain our own insights into the audience that visits our website. Statistical data collection, it's called. IP address, which pages were visited, a geographical location of the visitor and the time of visit are processed.
The Facebook Pixel collects data for us so that we can properly organize our marketing efforts. This allows us to show the right message to the right people on Facebook without ever knowing your account. Pun intended! The fewer parties that process data, the less likely it is to be lost.
What can you do? What are your rights?
1. Right of access
Your data remains yours, of course. You can therefore ask us at any time to allow you to inspect the data we have collected from you and how, why and for how long we have processed it. All this in the broadest sense. You will know exactly how we assess your data and what happens to it. Send your request for access to [email protected] and we will send you everything we have within 1 month of the request.
2. Right to correction and deletion of personal data
You can always have your data corrected or deleted. This may be necessary for example when you move or create a new email address. WEBSHOP: Most of your data can be changed through your user profile. WEBSITE AND WEBSHOP: If you want to have your data removed or changed, please send your request to [email protected].
Unfortunately, some data cannot be easily deleted. This concerns data that we have to keep on account of a legal obligation (e.g. bookkeeping) or on account of an agreement (e.g. we still have to deliver your package).
Naturally, data that would have been processed in an unlawful manner will be deleted as soon as possible. Any other request will be granted without unreasonable delay.
3. Right to restrict or object to data processing
If you have submitted a request for deletion, we check the accuracy of the data, the data have been processed unlawfully or the data are necessary for legal proceedings, you can request a restriction of the processing. Please address this request to [email protected] and we will restrict the processing within one month.
Do you not want us to process your data? Then object via [email protected] and we will stop processing your data as soon as possible (within 1 month after the request). Exceptions to this are again the data we have to keep based on a legal obligation (e.g. accounting) or based on a contract (e.g. we still have to deliver your package).
4. Right to data portability.
You have the right to obtain the data you have provided to us in a structured, commonly used and machine-readable form. This will allow you to transfer the data to another data controller.
5. Right to withdraw consent
Your consent can be revoked at any time. Naturally, this will only affect the data we have obtained on the basis of your consent. The data that we obtain or have to maintain on the basis of a legal obligation (e.g. bookkeeping) or on the basis of an agreement (e.g. we still have to deliver your package) is therefore excluded from this.
Complaints about how we process your data must be reported to the Belgian Commission for the Protection of Privacy (https://www.privacycommission.be/nl).